domino_admin_toolkit.checks.test_cert_manager module
- domino_admin_toolkit.checks.test_cert_manager.test_cert_manager_instances()
- Description:
Checks more than 1 cert-manager instances in the cluster. Running multiple cert-managers just won’t work well and incompatible currently. Issue : https://github.com/cert-manager/cert-manager/issues/2525
- Result:
Fails when more than 1 cert-manager in the cluster.
- Public Facing KB:
- domino_admin_toolkit.checks.test_cert_manager.test_cert_manager_metrics()
- Description:
Gathers prometheus metrics from CertManager
cert_read_errors - track the total number of errors encountered while reading certificates.
cert_read_successful - total number of certificates read successfully by Cert Manager.
- Result:
Displays the metrics in a table.
- Public Facing KB:
- domino_admin_toolkit.checks.test_cert_manager.test_certmgr_crds()
- Description:
Gathers list of custom resource definitions (crds) for cert-manager running in the deployment.crds are kubernetes resources like pods but are custom defined.
Ref: https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/
CRD objects for cert-manager acts as client/servers in requesting and issuing certificates.
clusterissuers.cert-manager.io - certificate authorities (cluster scoped)
issuers.cert-manager.io - certificate authorities (namespace scoped)
certificates.cert-manager.io - certificates resources issued by cert-manager
certificaterequests.cert-manager.io - certificate requests for cert-manager.
orders.acme.cert-manager.io - ACME issue Orders
challenges.acme.cert-manager.io - ACME Challenges
Any deletion of the crds could result in potential failure of certificates flow within the cluster.
- Result:
Returns the crd list and in next version of the test get the status on each crd
- Public Facing KB: